nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 09:27:59 +00:00
Code Issues Projects Releases Wiki Activity

Invent a struct type for polymorphic SSH key data.

Browse Source 
During last week's work, I made a mistake in which I got the arguments
backwards in one of the key-blob-generating functions - mistakenly
swapped the 'void *' key instance with the 'BinarySink *' output
destination - and I didn't spot the mistake until run time, because in
C you can implicitly convert both to and from void * and so there was
no compile-time failure of type checking.

Now that I've introduced the FROMFIELD macro that downcasts a pointer
to one field of a structure to retrieve a pointer to the whole
structure, I think I might start using that more widely to indicate
this kind of polymorphic subtyping. So now all the public-key
functions in the struct ssh_signkey vtable handle their data instance
in the form of a pointer to a subfield of a new zero-sized structure
type 'ssh_key', which outside the key implementations indicates 'this
is some kind of key instance but it could be of any type'; they
downcast that pointer internally using FROMFIELD in place of the
previous ordinary C cast, and return one by returning &foo->sshk for
whatever foo they've just made up.

The sshk member is not at the beginning of the structure, which means
all those FROMFIELDs and &key->sshk are actually adding and
subtracting an offset. Of course I could have put the member at the
start anyway, but I had the idea that it's actually a feature _not_ to
have the two types start at the same address, because it means you
should notice earlier rather than later if you absentmindedly cast
from one to the other directly rather than by the approved method (in
particular, if you accidentally assign one through a void * and back
without even _noticing_ you perpetrated a cast). In particular, this
enforces that you can't sfree() the thing even once without realising
you should instead of called the right freekey function. (I found
several bugs by this method during initial testing, so I think it's
already proved its worth!)

While I'm here, I've also renamed the vtable structure ssh_signkey to
ssh_keyalg, because it was a confusing name anyway - it describes the
_algorithm_ for handling all keys of that type, not a specific key. So
ssh_keyalg is the collection of code, and ssh_key is one instance of
the data it handles.
This commit is contained in:
Simon Tatham 2018-05-27 08:32:21 +01:00
parent 9375f594c2
commit 0fc2d3b455
9 changed files with 225 additions and 220 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cmdgen.c
View File

@ -248,7 +248,7 @@ int main(int argc, char **argv)
struct RSAKey *ssh1key = NULL;
strbuf *ssh2blob = NULL;
char *ssh2alg = NULL;
const struct ssh_signkey *ssh2algf = NULL;
const ssh_keyalg *ssh2algf = NULL;
char *old_passphrase = NULL, *new_passphrase = NULL;
int load_encrypted;
progfn_t progressfn = is_interactive() ? progress_update : no_progress;
@ -722,21 +722,21 @@ int main(int argc, char **argv)
struct dss_key *dsskey = snew(struct dss_key);
dsa_generate(dsskey, bits, progressfn, &prog);
ssh2key = snew(struct ssh2_userkey);
ssh2key->data = dsskey;
ssh2key->data = &dsskey->sshk;
ssh2key->alg = &ssh_dss;
ssh1key = NULL;
} else if (keytype == ECDSA) {
struct ec_key *ec = snew(struct ec_key);
ec_generate(ec, bits, progressfn, &prog);
ssh2key = snew(struct ssh2_userkey);
ssh2key->data = ec;
ssh2key->data = &ec->sshk;
ssh2key->alg = ec->signalg;
ssh1key = NULL;
} else if (keytype == ED25519) {
struct ec_key *ec = snew(struct ec_key);
ec_edgenerate(ec, bits, progressfn, &prog);
ssh2key = snew(struct ssh2_userkey);
ssh2key->data = ec;
ssh2key->data = &ec->sshk;
ssh2key->alg = &ssh_ecdsa_ed25519;
ssh1key = NULL;
} else {
@ -747,7 +747,7 @@ int main(int argc, char **argv)
ssh1key = rsakey;
} else {
ssh2key = snew(struct ssh2_userkey);
ssh2key->data = rsakey;
ssh2key->data = &rsakey->sshk;
ssh2key->alg = &ssh_rsa;
}
}

10
import.c
View File

@ -649,7 +649,7 @@ struct ssh2_userkey *openssh_pem_read(const Filename *filename,
/* And now for something completely different */
unsigned char *priv;
int privlen;
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
const struct ec_curve *curve;
/* Read INTEGER 1 */
ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
@ -980,6 +980,7 @@ int openssh_pem_write(const Filename *filename, struct ssh2_userkey *key,
key->alg == &ssh_ecdsa_nistp384 ||
key->alg == &ssh_ecdsa_nistp521) {
const unsigned char *oid;
struct ec_key *ec = FROMFIELD(key->data, struct ec_key, sshk);
int oidlen;
int pointlen;
strbuf *seq, *sub;
@ -995,8 +996,7 @@ int openssh_pem_write(const Filename *filename, struct ssh2_userkey *key,
* BIT STRING (0x00 public key point)
*/
oid = ec_alg_oid(key->alg, &oidlen);
pointlen = (((struct ec_key *)key->data)->publicKey.curve->fieldBits
+ 7) / 8 * 2;
pointlen = (ec->publicKey.curve->fieldBits + 7) / 8 * 2;
seq = strbuf_new();
@ -1430,7 +1430,7 @@ struct ssh2_userkey *openssh_new_read(const Filename *filename,
unsigned checkint0, checkint1;
const void *priv, *string;
int privlen, stringlen, key_index;
const struct ssh_signkey *alg = NULL;
const ssh_keyalg *alg = NULL;
if (!key)
return NULL;
@ -2114,7 +2114,7 @@ struct ssh2_userkey *sshcom_read(const Filename *filename, char *passphrase,
char *ciphertext;
int cipherlen;
struct ssh2_userkey *ret = NULL, *retkey;
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
strbuf *blob = NULL;
if (!key)

26
ssh.c
View File

@ -426,7 +426,7 @@ static void ssh2_connection_input(Ssh ssh);
#define OUR_V2_PACKETLIMIT 0x9000UL
struct ssh_signkey_with_user_pref_id {
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
int id;
};
const static struct ssh_signkey_with_user_pref_id hostkey_algs[] = {
@ -909,7 +909,7 @@ struct ssh_tag {
const struct ssh_compress *cscomp, *sccomp;
void *cs_comp_ctx, *sc_comp_ctx;
const struct ssh_kex *kex;
const struct ssh_signkey *hostkey;
const ssh_keyalg *hostkey;
char *hostkey_str; /* string representation, for easy checking in rekeys */
unsigned char v2_session_id[SSH2_KEX_MAX_HASH_LEN];
int v2_session_id_len;
@ -4095,7 +4095,7 @@ static void ssh_disconnect(Ssh ssh, const char *client_reason,
}
int verify_ssh_manual_host_key(Ssh ssh, const char *fingerprint,
const struct ssh_signkey *ssh2keytype,
const ssh_keyalg *ssh2keytype,
void *ssh2keydata)
{
if (!conf_get_str_nthstrkey(ssh->conf, CONF_ssh_manual_hostkeys, 0)) {
@ -6377,7 +6377,7 @@ struct kexinit_algorithm {
int warn;
} kex;
struct {
const struct ssh_signkey *hostkey;
const ssh_keyalg *hostkey;
int warn;
} hk;
struct {
@ -6438,7 +6438,7 @@ static struct kexinit_algorithm *ssh2_kexinit_addalg(struct kexinit_algorithm
* we permit precisely those host keys in non-GSS rekeys.
*/
struct ssh_transient_hostkey_cache_entry {
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
strbuf *pub_blob;
};
@ -6452,7 +6452,7 @@ static int ssh_transient_hostkey_cache_cmp(void *av, void *bv)
static int ssh_transient_hostkey_cache_find(void *av, void *bv)
{
const struct ssh_signkey *aalg = (const struct ssh_signkey *)av;
const ssh_keyalg *aalg = (const ssh_keyalg *)av;
const struct ssh_transient_hostkey_cache_entry
*b = (const struct ssh_transient_hostkey_cache_entry *)bv;
return strcmp(aalg->name, b->alg->name);
@ -6475,7 +6475,7 @@ static void ssh_cleanup_transient_hostkey_store(Ssh ssh)
}
static void ssh_store_transient_hostkey(
Ssh ssh, const struct ssh_signkey *alg, void *key)
Ssh ssh, const ssh_keyalg *alg, ssh_key *key)
{
struct ssh_transient_hostkey_cache_entry *ent, *retd;
@ -6494,7 +6494,7 @@ static void ssh_store_transient_hostkey(
}
static int ssh_verify_transient_hostkey(
Ssh ssh, const struct ssh_signkey *alg, void *key)
Ssh ssh, const ssh_keyalg *alg, ssh_key *key)
{
struct ssh_transient_hostkey_cache_entry *ent;
int toret = FALSE;
@ -6515,7 +6515,7 @@ static int ssh_verify_transient_hostkey(
return toret;
}
static int ssh_have_transient_hostkey(Ssh ssh, const struct ssh_signkey *alg)
static int ssh_have_transient_hostkey(Ssh ssh, const ssh_keyalg *alg)
{
struct ssh_transient_hostkey_cache_entry *ent =
find234(ssh->transient_hostkey_cache, (void *)alg,
@ -6567,9 +6567,9 @@ static void do_ssh2_transport(void *vctx)
const struct ssh_compress *sccomp_tobe;
char *hostkeydata, *sigdata, *rsakeydata, *keystr, *fingerprint;
int hostkeylen, siglen, rsakeylen;
void *hkey; /* actual host key */
void *rsakey; /* for RSA kex */
void *eckey; /* for ECDH kex */
ssh_key *hkey; /* actual host key */
struct RSAKey *rsakey; /* for RSA kex */
struct ec_key *eckey; /* for ECDH kex */
unsigned char exchange_hash[SSH2_KEX_MAX_HASH_LEN];
int n_preferred_kex;
int can_gssapi_keyex;
@ -12710,7 +12710,7 @@ static const struct telnet_special *ssh_get_specials(void *handle)
ADD_SPECIALS(uncert_start);
for (i = 0; i < ssh->n_uncert_hostkeys; i++) {
struct telnet_special uncert[1];
const struct ssh_signkey *alg =
const ssh_keyalg *alg =
hostkey_algs[ssh->uncert_hostkeys[i]].alg;
uncert[0].name = alg->name;
uncert[0].code = TS_LOCALSTART + ssh->uncert_hostkeys[i];

90
ssh.h
View File

@ -74,6 +74,9 @@ void share_setup_x11_channel(void *csv, void *chanv,
typedef void *Bignum;
#endif
typedef struct ssh_key {} ssh_key;
typedef struct ssh_keyalg ssh_keyalg;
struct RSAKey {
int bits;
int bytes;
@ -84,10 +87,12 @@ struct RSAKey {
Bignum q;
Bignum iqmp;
char *comment;
ssh_key sshk;
};
struct dss_key {
Bignum p, q, g, y, x;
ssh_key sshk;
};
struct ec_curve;
@ -141,23 +146,22 @@ struct ec_curve {
};
};
const struct ssh_signkey *ec_alg_by_oid(int len, const void *oid,
const ssh_keyalg *ec_alg_by_oid(int len, const void *oid,
const struct ec_curve **curve);
const unsigned char *ec_alg_oid(const struct ssh_signkey *alg, int *oidlen);
const unsigned char *ec_alg_oid(const ssh_keyalg *alg, int *oidlen);
extern const int ec_nist_curve_lengths[], n_ec_nist_curve_lengths;
int ec_nist_alg_and_curve_by_bits(int bits,
const struct ec_curve **curve,
const struct ssh_signkey **alg);
const ssh_keyalg **alg);
int ec_ed_alg_and_curve_by_bits(int bits,
const struct ec_curve **curve,
const struct ssh_signkey **alg);
struct ssh_signkey;
const ssh_keyalg **alg);
struct ec_key {
const struct ssh_signkey *signalg;
const ssh_keyalg *signalg;
struct ec_point publicKey;
Bignum privateKey;
struct ssh_key sshk;
};
struct ec_point *ec_public(const Bignum privateKey, const struct ec_curve *curve);
@ -203,22 +207,22 @@ int detect_attack(void *handle, unsigned char *buf, uint32 len,
* SSH2 RSA key exchange functions
*/
struct ssh_hash;
void *ssh_rsakex_newkey(const void *data, int len);
void ssh_rsakex_freekey(void *key);
int ssh_rsakex_klen(void *key);
struct RSAKey *ssh_rsakex_newkey(const void *data, int len);
void ssh_rsakex_freekey(struct RSAKey *key);
int ssh_rsakex_klen(struct RSAKey *key);
void ssh_rsakex_encrypt(const struct ssh_hash *h, unsigned char *in, int inlen,
unsigned char *out, int outlen,
void *key);
unsigned char *out, int outlen, struct RSAKey *key);
/*
* SSH2 ECDH key exchange functions
*/
struct ssh_kex;
const char *ssh_ecdhkex_curve_textname(const struct ssh_kex *kex);
void *ssh_ecdhkex_newkey(const struct ssh_kex *kex);
void ssh_ecdhkex_freekey(void *key);
void ssh_ecdhkex_getpublic(void *key, BinarySink *bs);
Bignum ssh_ecdhkex_getkey(void *key, char *remoteKey, int remoteKeyLen);
struct ec_key *ssh_ecdhkex_newkey(const struct ssh_kex *kex);
void ssh_ecdhkex_freekey(struct ec_key *key);
void ssh_ecdhkex_getpublic(struct ec_key *key, BinarySink *bs);
Bignum ssh_ecdhkex_getkey(struct ec_key *key,
char *remoteKey, int remoteKeyLen);
/*
* Helper function for k generation in DSA, reused in ECDSA
@ -380,19 +384,19 @@ struct ssh_kexes {
const struct ssh_kex *const *list;
};
struct ssh_signkey {
void *(*newkey) (const struct ssh_signkey *self,
const void *data, int len);
void (*freekey) (void *key);
char *(*fmtkey) (void *key);
void (*public_blob)(void *key, BinarySink *);
void (*private_blob)(void *key, BinarySink *);
void *(*createkey) (const struct ssh_signkey *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len);
void *(*openssh_createkey) (const struct ssh_signkey *self,
const unsigned char **blob, int *len);
void (*openssh_fmtkey) (void *key, BinarySink *);
struct ssh_keyalg {
ssh_key *(*newkey) (const ssh_keyalg *self,
const void *data, int len);
void (*freekey) (ssh_key *key);
char *(*fmtkey) (ssh_key *key);
void (*public_blob)(ssh_key *key, BinarySink *);
void (*private_blob)(ssh_key *key, BinarySink *);
ssh_key *(*createkey) (const ssh_keyalg *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len);
ssh_key *(*openssh_createkey) (const ssh_keyalg *self,
const unsigned char **blob, int *len);
void (*openssh_fmtkey) (ssh_key *key, BinarySink *);
/* OpenSSH private key blobs, as created by openssh_fmtkey and
* consumed by openssh_createkey, always (at least so far...) take
* the form of a number of SSH-2 strings / mpints concatenated
@ -402,11 +406,11 @@ struct ssh_signkey {
* skip over the right number to find the next key in the file.
* openssh_private_npieces gives that information. */
int openssh_private_npieces;
int (*pubkey_bits) (const struct ssh_signkey *self,
int (*pubkey_bits) (const ssh_keyalg *self,
const void *blob, int len);
int (*verifysig) (void *key, const void *sig, int siglen,
int (*verifysig) (ssh_key *key, const void *sig, int siglen,
const void *data, int datalen);
void (*sign) (void *key, const void *data, int datalen, BinarySink *);
void (*sign) (ssh_key *key, const void *data, int datalen, BinarySink *);
const char *name;
const char *keytype; /* for host key cache */
const void *extra; /* private to the public key methods */
@ -430,8 +434,8 @@ struct ssh_compress {
};
struct ssh2_userkey {
const struct ssh_signkey *alg; /* the key algorithm */
void *data; /* the key data */
const ssh_keyalg *alg; /* the key algorithm */
ssh_key *data; /* the key data */
char *comment; /* the key comment */
};
@ -457,12 +461,12 @@ extern const struct ssh_kexes ssh_diffiehellman_gex;
extern const struct ssh_kexes ssh_gssk5_sha1_kex;
extern const struct ssh_kexes ssh_rsa_kex;
extern const struct ssh_kexes ssh_ecdh_kex;
extern const struct ssh_signkey ssh_dss;
extern const struct ssh_signkey ssh_rsa;
extern const struct ssh_signkey ssh_ecdsa_ed25519;
extern const struct ssh_signkey ssh_ecdsa_nistp256;
extern const struct ssh_signkey ssh_ecdsa_nistp384;
extern const struct ssh_signkey ssh_ecdsa_nistp521;
extern const ssh_keyalg ssh_dss;
extern const ssh_keyalg ssh_rsa;
extern const ssh_keyalg ssh_ecdsa_ed25519;
extern const ssh_keyalg ssh_ecdsa_nistp256;
extern const ssh_keyalg ssh_ecdsa_nistp384;
extern const ssh_keyalg ssh_ecdsa_nistp521;
extern const struct ssh_mac ssh_hmac_md5;
extern const struct ssh_mac ssh_hmac_sha1;
extern const struct ssh_mac ssh_hmac_sha1_buggy;
@ -727,8 +731,8 @@ int ssh2_userkey_loadpub(const Filename *filename, char **algorithm,
char **commentptr, const char **errorstr);
int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
char *passphrase);
const struct ssh_signkey *find_pubkey_alg(const char *name);
const struct ssh_signkey *find_pubkey_alg_len(int namelen, const char *name);
const ssh_keyalg *find_pubkey_alg(const char *name);
const ssh_keyalg *find_pubkey_alg_len(int namelen, const char *name);
enum {
SSH_KEYTYPE_UNOPENABLE,
@ -780,7 +784,7 @@ void ssh2_write_pubkey(FILE *fp, const char *comment,
const void *v_pub_blob, int pub_len,
int keytype);
char *ssh2_fingerprint_blob(const void *blob, int bloblen);
char *ssh2_fingerprint(const struct ssh_signkey *alg, void *data);
char *ssh2_fingerprint(const ssh_keyalg *alg, ssh_key *key);
int key_type(const Filename *filename);
const char *key_type_to_str(int type);

72
sshdss.c
View File

@ -55,10 +55,10 @@ static Bignum get160(const char **data, int *datalen)
return b;
}
static void dss_freekey(void *key); /* forward reference */
static void dss_freekey(ssh_key *key); /* forward reference */
static void *dss_newkey(const struct ssh_signkey *self,
const void *vdata, int len)
static ssh_key *dss_newkey(const ssh_keyalg *self,
const void *vdata, int len)
{
const char *data = (const char *)vdata;
const char *p;
@ -91,16 +91,16 @@ static void *dss_newkey(const struct ssh_signkey *self,
if (!dss->p || !dss->q || !dss->g || !dss->y ||
!bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) {
/* Invalid key. */
dss_freekey(dss);
dss_freekey(&dss->sshk);
return NULL;
}
return dss;
return &dss->sshk;
}
static void dss_freekey(void *key)
static void dss_freekey(ssh_key *key)
{
struct dss_key *dss = (struct dss_key *) key;
struct dss_key *dss = FROMFIELD(key, struct dss_key, sshk);
if (dss->p)
freebn(dss->p);
if (dss->q)
@ -114,9 +114,9 @@ static void dss_freekey(void *key)
sfree(dss);
}
static char *dss_fmtkey(void *key)
static char *dss_fmtkey(ssh_key *key)
{
struct dss_key *dss = (struct dss_key *) key;
struct dss_key *dss = FROMFIELD(key, struct dss_key, sshk);
char *p;
int len, i, pos, nibbles;
static const char hex[] = "0123456789abcdef";
@ -164,10 +164,10 @@ static char *dss_fmtkey(void *key)
return p;
}
static int dss_verifysig(void *key, const void *vsig, int siglen,
static int dss_verifysig(ssh_key *key, const void *vsig, int siglen,
const void *data, int datalen)
{
struct dss_key *dss = (struct dss_key *) key;
struct dss_key *dss = FROMFIELD(key, struct dss_key, sshk);
const char *sig = (const char *)vsig;
const char *p;
int slen;
@ -273,9 +273,9 @@ static int dss_verifysig(void *key, const void *vsig, int siglen,
return ret;
}
static void dss_public_blob(void *key, BinarySink *bs)
static void dss_public_blob(ssh_key *key, BinarySink *bs)
{
struct dss_key *dss = (struct dss_key *) key;
struct dss_key *dss = FROMFIELD(key, struct dss_key, sshk);
put_stringz(bs, "ssh-dss");
put_mp_ssh2(bs, dss->p);
@ -284,16 +284,16 @@ static void dss_public_blob(void *key, BinarySink *bs)
put_mp_ssh2(bs, dss->y);
}
static void dss_private_blob(void *key, BinarySink *bs)
static void dss_private_blob(ssh_key *key, BinarySink *bs)
{
struct dss_key *dss = (struct dss_key *) key;
struct dss_key *dss = FROMFIELD(key, struct dss_key, sshk);
put_mp_ssh2(bs, dss->x);
}
static void *dss_createkey(const struct ssh_signkey *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len)
static ssh_key *dss_createkey(const ssh_keyalg *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len)
{
struct dss_key *dss;
const char *pb = (const char *) priv_blob;
@ -303,12 +303,13 @@ static void *dss_createkey(const struct ssh_signkey *self,
unsigned char digest[20];
Bignum ytest;
dss = dss_newkey(self, pub_blob, pub_len);
dss = FROMFIELD(dss_newkey(self, pub_blob, pub_len),
struct dss_key, sshk);
if (!dss)
return NULL;
dss->x = getmp(&pb, &priv_len);
if (!dss->x) {
dss_freekey(dss);
dss_freekey(&dss->sshk);
return NULL;
}
@ -324,7 +325,7 @@ static void *dss_createkey(const struct ssh_signkey *self,
put_mp_ssh2(&s, dss->g);
SHA_Final(&s, digest);
if (0 != memcmp(hash, digest, 20)) {
dss_freekey(dss);
dss_freekey(&dss->sshk);
return NULL;
}
}
@ -334,17 +335,17 @@ static void *dss_createkey(const struct ssh_signkey *self,
*/
ytest = modpow(dss->g, dss->x, dss->p);
if (0 != bignum_cmp(ytest, dss->y)) {
dss_freekey(dss);
dss_freekey(&dss->sshk);
freebn(ytest);
return NULL;
}
freebn(ytest);
return dss;
return &dss->sshk;
}
static void *dss_openssh_createkey(const struct ssh_signkey *self,
const unsigned char **blob, int *len)
static ssh_key *dss_openssh_createkey(const ssh_keyalg *self,
const unsigned char **blob, int *len)
{
const char **b = (const char **) blob;
struct dss_key *dss;
@ -360,16 +361,16 @@ static void *dss_openssh_createkey(const struct ssh_signkey *self,
if (!dss->p || !dss->q || !dss->g || !dss->y || !dss->x ||
!bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) {
/* Invalid key. */
dss_freekey(dss);
dss_freekey(&dss->sshk);
return NULL;
}
return dss;
return &dss->sshk;
}
static void dss_openssh_fmtkey(void *key, BinarySink *bs)
static void dss_openssh_fmtkey(ssh_key *key, BinarySink *bs)
{
struct dss_key *dss = (struct dss_key *) key;
struct dss_key *dss = FROMFIELD(key, struct dss_key, sshk);
put_mp_ssh2(bs, dss->p);
put_mp_ssh2(bs, dss->q);
@ -378,17 +379,18 @@ static void dss_openssh_fmtkey(void *key, BinarySink *bs)
put_mp_ssh2(bs, dss->x);
}
static int dss_pubkey_bits(const struct ssh_signkey *self,
static int dss_pubkey_bits(const ssh_keyalg *self,
const void *blob, int len)
{
struct dss_key *dss;
int ret;
dss = dss_newkey(self, blob, len);
dss = FROMFIELD(dss_newkey(self, blob, len),
struct dss_key, sshk);
if (!dss)
return -1;
ret = bignum_bitcount(dss->p);
dss_freekey(dss);
dss_freekey(&dss->sshk);
return ret;
}
@ -513,10 +515,10 @@ Bignum *dss_gen_k(const char *id_string, Bignum modulus, Bignum private_key,
}
}
static void dss_sign(void *key, const void *data, int datalen,
static void dss_sign(ssh_key *key, const void *data, int datalen,
BinarySink *bs)
{
struct dss_key *dss = (struct dss_key *) key;
struct dss_key *dss = FROMFIELD(key, struct dss_key, sshk);
Bignum k, gkp, hash, kinv, hxr, r, s;
unsigned char digest[20];
int i;
@ -553,7 +555,7 @@ static void dss_sign(void *key, const void *data, int datalen,
freebn(s);
}
const struct ssh_signkey ssh_dss = {
const ssh_keyalg ssh_dss = {
dss_newkey,
dss_freekey,
dss_fmtkey,

128
sshecc.c
View File

@ -1732,9 +1732,9 @@ struct ecsign_extra {
int oidlen;
};
static void ecdsa_freekey(void *key)
static void ecdsa_freekey(ssh_key *key)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
if (!ec) return;
if (ec->publicKey.x)
@ -1748,8 +1748,8 @@ static void ecdsa_freekey(void *key)
sfree(ec);
}
static void *ecdsa_newkey(const struct ssh_signkey *self,
const void *vdata, int len)
static ssh_key *ecdsa_newkey(const ssh_keyalg *self,
const void *vdata, int len)
{
const struct ecsign_extra *extra =
(const struct ecsign_extra *)self->extra;
@ -1784,7 +1784,7 @@ static void *ecdsa_newkey(const struct ssh_signkey *self,
ec->publicKey.z = NULL;
ec->privateKey = NULL;
if (!getmppoint(&data, &len, &ec->publicKey)) {
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
@ -1792,16 +1792,16 @@ static void *ecdsa_newkey(const struct ssh_signkey *self,
bignum_cmp(ec->publicKey.x, curve->p) >= 0 ||
bignum_cmp(ec->publicKey.y, curve->p) >= 0)
{
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
ec = NULL;
}
return ec;
return &ec->sshk;
}
static char *ecdsa_fmtkey(void *key)
static char *ecdsa_fmtkey(ssh_key *key)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
char *p;
int len, i, pos, nibbles;
static const char hex[] = "0123456789abcdef";
@ -1838,9 +1838,9 @@ static char *ecdsa_fmtkey(void *key)
return p;
}
static void ecdsa_public_blob(void *key, BinarySink *bs)
static void ecdsa_public_blob(ssh_key *key, BinarySink *bs)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
int pointlen;
int i;
@ -1878,9 +1878,9 @@ static void ecdsa_public_blob(void *key, BinarySink *bs)
}
}
static void ecdsa_private_blob(void *key, BinarySink *bs)
static void ecdsa_private_blob(ssh_key *key, BinarySink *bs)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
int keylen;
int i;
@ -1905,22 +1905,23 @@ static void ecdsa_private_blob(void *key, BinarySink *bs)
}
}
static void *ecdsa_createkey(const struct ssh_signkey *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len)
static ssh_key *ecdsa_createkey(const ssh_keyalg *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len)
{
struct ec_key *ec;
struct ec_point *publicKey;
const char *pb = (const char *) priv_blob;
ec = (struct ec_key*)ecdsa_newkey(self, pub_blob, pub_len);
ec = FROMFIELD(ecdsa_newkey(self, pub_blob, pub_len),
struct ec_key, sshk);
if (!ec) {
return NULL;
}
if (ec->publicKey.curve->type != EC_WEIERSTRASS
&& ec->publicKey.curve->type != EC_EDWARDS) {
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
@ -1930,7 +1931,7 @@ static void *ecdsa_createkey(const struct ssh_signkey *self,
ec->privateKey = getmp(&pb, &priv_len);
}
if (!ec->privateKey) {
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
@ -1941,16 +1942,16 @@ static void *ecdsa_createkey(const struct ssh_signkey *self,
bignum_cmp(publicKey->x, ec->publicKey.x) ||
bignum_cmp(publicKey->y, ec->publicKey.y))
{
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
ec = NULL;
}
ec_point_free(publicKey);
return ec;
return &ec->sshk;
}
static void *ed25519_openssh_createkey(const struct ssh_signkey *self,
const unsigned char **blob, int *len)
static ssh_key *ed25519_openssh_createkey(const ssh_keyalg *self,
const unsigned char **blob, int *len)
{
struct ec_key *ec;
struct ec_point *publicKey;
@ -1975,13 +1976,13 @@ static void *ed25519_openssh_createkey(const struct ssh_signkey *self,
if (!decodepoint_ed(p, plen, &ec->publicKey))
{
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
getstring((const char**)blob, len, &q, &qlen);
if (!q || qlen != 64) {
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
@ -1994,7 +1995,7 @@ static void *ed25519_openssh_createkey(const struct ssh_signkey *self,
bignum_cmp(publicKey->x, ec->publicKey.x) ||
bignum_cmp(publicKey->y, ec->publicKey.y))
{
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
ec = NULL;
}
ec_point_free(publicKey);
@ -2006,16 +2007,16 @@ static void *ed25519_openssh_createkey(const struct ssh_signkey *self,
* won't behave identically to the way OpenSSH would have treated
* it. */
if (plen != 32 || 0 != memcmp(q + 32, p, 32)) {
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
return ec;
return &ec->sshk;
}
static void ed25519_openssh_fmtkey(void *key, BinarySink *bs)
static void ed25519_openssh_fmtkey(ssh_key *key, BinarySink *bs)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
strbuf *pub;
int pointlen;
@ -2049,8 +2050,8 @@ static void ed25519_openssh_fmtkey(void *key, BinarySink *bs)
strbuf_free(pub);
}
static void *ecdsa_openssh_createkey(const struct ssh_signkey *self,
const unsigned char **blob, int *len)
static ssh_key *ecdsa_openssh_createkey(const ssh_keyalg *self,
const unsigned char **blob, int *len)
{
const struct ecsign_extra *extra =
(const struct ecsign_extra *)self->extra;
@ -2078,7 +2079,7 @@ static void *ecdsa_openssh_createkey(const struct ssh_signkey *self,
ec->publicKey.y = NULL;
ec->publicKey.z = NULL;
if (!getmppoint(b, len, &ec->publicKey)) {
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
ec->privateKey = NULL;
@ -2087,14 +2088,14 @@ static void *ecdsa_openssh_createkey(const struct ssh_signkey *self,
bignum_cmp(ec->publicKey.x, curve->p) >= 0 ||
bignum_cmp(ec->publicKey.y, curve->p) >= 0)
{
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
ec->privateKey = getmp(b, len);
if (ec->privateKey == NULL)
{
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
@ -2102,7 +2103,7 @@ static void *ecdsa_openssh_createkey(const struct ssh_signkey *self,
publicKey = ec_public(ec->privateKey, ec->publicKey.curve);
if (!publicKey)
{
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return NULL;
}
@ -2110,19 +2111,19 @@ static void *ecdsa_openssh_createkey(const struct ssh_signkey *self,
bignum_cmp(ec->publicKey.y, publicKey->y))
{
/* Private key doesn't make the public key on the given curve */
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
ec_point_free(publicKey);
return NULL;
}
ec_point_free(publicKey);
return ec;
return &ec->sshk;
}
static void ecdsa_openssh_fmtkey(void *key, BinarySink *bs)
static void ecdsa_openssh_fmtkey(ssh_key *key, BinarySink *bs)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
int pointlen;
int i;
@ -2143,25 +2144,26 @@ static void ecdsa_openssh_fmtkey(void *key, BinarySink *bs)
put_mp_ssh2(bs, ec->privateKey);
}
static int ecdsa_pubkey_bits(const struct ssh_signkey *self,
static int ecdsa_pubkey_bits(const ssh_keyalg *self,
const void *blob, int len)
{
struct ec_key *ec;
int ret;
ec = (struct ec_key*)ecdsa_newkey(self, blob, len);
ec = FROMFIELD(ecdsa_newkey(self, blob, len),
struct ec_key, sshk);
if (!ec)
return -1;
ret = ec->publicKey.curve->fieldBits;
ecdsa_freekey(ec);
ecdsa_freekey(&ec->sshk);
return ret;
}
static int ecdsa_verifysig(void *key, const void *vsig, int siglen,
static int ecdsa_verifysig(ssh_key *key, const void *vsig, int siglen,
const void *vdata, int datalen)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
const char *sig = (const char *)vsig;
const char *data = (const char *)vdata;
const struct ecsign_extra *extra =
@ -2310,10 +2312,10 @@ static int ecdsa_verifysig(void *key, const void *vsig, int siglen,
return ret;
}
static void ecdsa_sign(void *key, const void *data, int datalen,
static void ecdsa_sign(ssh_key *key, const void *data, int datalen,
BinarySink *bs)
{
struct ec_key *ec = (struct ec_key *) key;
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk);
const struct ecsign_extra *extra =
(const struct ecsign_extra *)ec->signalg->extra;
unsigned char digest[512 / 8];
@ -2449,7 +2451,7 @@ const struct ecsign_extra sign_extra_ed25519 = {
ec_ed25519, NULL,
NULL, 0,
};
const struct ssh_signkey ssh_ecdsa_ed25519 = {
const ssh_keyalg ssh_ecdsa_ed25519 = {
ecdsa_newkey,
ecdsa_freekey,
ecdsa_fmtkey,
@ -2475,7 +2477,7 @@ const struct ecsign_extra sign_extra_nistp256 = {
ec_p256, &ssh_sha256,
nistp256_oid, lenof(nistp256_oid),
};
const struct ssh_signkey ssh_ecdsa_nistp256 = {
const ssh_keyalg ssh_ecdsa_nistp256 = {
ecdsa_newkey,
ecdsa_freekey,
ecdsa_fmtkey,
@ -2501,7 +2503,7 @@ const struct ecsign_extra sign_extra_nistp384 = {
ec_p384, &ssh_sha384,
nistp384_oid, lenof(nistp384_oid),
};
const struct ssh_signkey ssh_ecdsa_nistp384 = {
const ssh_keyalg ssh_ecdsa_nistp384 = {
ecdsa_newkey,
ecdsa_freekey,
ecdsa_fmtkey,
@ -2527,7 +2529,7 @@ const struct ecsign_extra sign_extra_nistp521 = {
ec_p521, &ssh_sha512,
nistp521_oid, lenof(nistp521_oid),
};
const struct ssh_signkey ssh_ecdsa_nistp521 = {
const ssh_keyalg ssh_ecdsa_nistp521 = {
ecdsa_newkey,
ecdsa_freekey,
ecdsa_fmtkey,
@ -2602,7 +2604,7 @@ const char *ssh_ecdhkex_curve_textname(const struct ssh_kex *kex)
return curve->textname;
}
void *ssh_ecdhkex_newkey(const struct ssh_kex *kex)
struct ec_key *ssh_ecdhkex_newkey(const struct ssh_kex *kex)
{
const struct eckex_extra *extra = (const struct eckex_extra *)kex->extra;
struct ec_curve *curve;
@ -2663,9 +2665,8 @@ void *ssh_ecdhkex_newkey(const struct ssh_kex *kex)
return key;
}
void ssh_ecdhkex_getpublic(void *key, BinarySink *bs)
void ssh_ecdhkex_getpublic(struct ec_key *ec, BinarySink *bs)
{
struct ec_key *ec = (struct ec_key*)key;
int i;
int pointlen;
@ -2683,9 +2684,8 @@ void ssh_ecdhkex_getpublic(void *key, BinarySink *bs)
}
}
Bignum ssh_ecdhkex_getkey(void *key, char *remoteKey, int remoteKeyLen)
Bignum ssh_ecdhkex_getkey(struct ec_key *ec, char *remoteKey, int remoteKeyLen)
{
struct ec_key *ec = (struct ec_key*) key;
struct ec_point remote;
Bignum ret;
@ -2714,9 +2714,9 @@ Bignum ssh_ecdhkex_getkey(void *key, char *remoteKey, int remoteKeyLen)
return ret;
}
void ssh_ecdhkex_freekey(void *key)
void ssh_ecdhkex_freekey(struct ec_key *key)
{
ecdsa_freekey(key);
ecdsa_freekey(&key->sshk);
}
static const struct eckex_extra kex_extra_curve25519 = { ec_curve25519 };
@ -2760,10 +2760,10 @@ const struct ssh_kexes ssh_ecdh_kex = {
* data.
*/
const struct ssh_signkey *ec_alg_by_oid(int len, const void *oid,
const ssh_keyalg *ec_alg_by_oid(int len, const void *oid,
const struct ec_curve **curve)
{
static const struct ssh_signkey *algs_with_oid[] = {
static const ssh_keyalg *algs_with_oid[] = {
&ssh_ecdsa_nistp256,
&ssh_ecdsa_nistp384,
&ssh_ecdsa_nistp521,
@ -2771,7 +2771,7 @@ const struct ssh_signkey *ec_alg_by_oid(int len, const void *oid,
int i;
for (i = 0; i < lenof(algs_with_oid); i++) {
const struct ssh_signkey *alg = algs_with_oid[i];
const ssh_keyalg *alg = algs_with_oid[i];
const struct ecsign_extra *extra =
(const struct ecsign_extra *)alg->extra;
if (len == extra->oidlen && !memcmp(oid, extra->oid, len)) {
@ -2782,7 +2782,7 @@ const struct ssh_signkey *ec_alg_by_oid(int len, const void *oid,
return NULL;
}
const unsigned char *ec_alg_oid(const struct ssh_signkey *alg,
const unsigned char *ec_alg_oid(const ssh_keyalg *alg,
int *oidlen)
{
const struct ecsign_extra *extra = (const struct ecsign_extra *)alg->extra;
@ -2795,7 +2795,7 @@ const int n_ec_nist_curve_lengths = lenof(ec_nist_curve_lengths);
int ec_nist_alg_and_curve_by_bits(int bits,
const struct ec_curve **curve,
const struct ssh_signkey **alg)
const ssh_keyalg **alg)
{
switch (bits) {
case 256: *alg = &ssh_ecdsa_nistp256; break;
@ -2809,7 +2809,7 @@ int ec_nist_alg_and_curve_by_bits(int bits,
int ec_ed_alg_and_curve_by_bits(int bits,
const struct ec_curve **curve,
const struct ssh_signkey **alg)
const ssh_keyalg **alg)
{
switch (bits) {
case 256: *alg = &ssh_ecdsa_ed25519; break;

12
sshpubk.c
View File

@ -584,7 +584,7 @@ struct ssh2_userkey ssh2_wrong_passphrase = {
NULL, NULL, NULL
};
const struct ssh_signkey *find_pubkey_alg_len(int namelen, const char *name)
const ssh_keyalg *find_pubkey_alg_len(int namelen, const char *name)
{
if (match_ssh_id(namelen, name, "ssh-rsa"))
return &ssh_rsa;
@ -602,7 +602,7 @@ const struct ssh_signkey *find_pubkey_alg_len(int namelen, const char *name)
return NULL;
}
const struct ssh_signkey *find_pubkey_alg(const char *name)
const ssh_keyalg *find_pubkey_alg(const char *name)
{
return find_pubkey_alg_len(strlen(name), name);
}
@ -613,7 +613,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
{
FILE *fp;
char header[40], *b, *encryption, *comment, *mac;
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
struct ssh2_userkey *ret;
int cipher, cipherblk;
strbuf *public_blob, *private_blob;
@ -1068,7 +1068,7 @@ int ssh2_userkey_loadpub(const Filename *filename, char **algorithm,
{
FILE *fp;
char header[40], *b;
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
int type, i;
const char *error = NULL;
char *comment = NULL;
@ -1514,7 +1514,7 @@ char *ssh2_fingerprint_blob(const void *blob, int bloblen)
char fingerprint_str[16*3];
const char *algstr;
int alglen;
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
int i;
/*
@ -1552,7 +1552,7 @@ char *ssh2_fingerprint_blob(const void *blob, int bloblen)
}
}
char *ssh2_fingerprint(const struct ssh_signkey *alg, void *data)
char *ssh2_fingerprint(const ssh_keyalg *alg, ssh_key *data)
{
strbuf *blob = strbuf_new();
alg->public_blob(data, BinarySink_UPCAST(blob));

87
sshrsa.c
View File

@ -528,10 +528,10 @@ static Bignum getmp(const char **data, int *datalen)
return b;
}
static void rsa2_freekey(void *key); /* forward reference */
static void rsa2_freekey(ssh_key *key); /* forward reference */
static void *rsa2_newkey(const struct ssh_signkey *self,
const void *vdata, int len)
static ssh_key *rsa2_newkey(const ssh_keyalg *self,
const void *vdata, int len)
{
const char *p;
const char *data = (const char *)vdata;
@ -552,23 +552,23 @@ static void *rsa2_newkey(const struct ssh_signkey *self,
rsa->comment = NULL;
if (!rsa->exponent || !rsa->modulus) {
rsa2_freekey(rsa);
rsa2_freekey(&rsa->sshk);
return NULL;
}
return rsa;
return &rsa->sshk;
}
static void rsa2_freekey(void *key)
static void rsa2_freekey(ssh_key *key)
{
struct RSAKey *rsa = (struct RSAKey *) key;
struct RSAKey *rsa = FROMFIELD(key, struct RSAKey, sshk);
freersakey(rsa);
sfree(rsa);
}
static char *rsa2_fmtkey(void *key)
static char *rsa2_fmtkey(ssh_key *key)
{
struct RSAKey *rsa = (struct RSAKey *) key;
struct RSAKey *rsa = FROMFIELD(key, struct RSAKey, sshk);
char *p;
int len;
@ -578,18 +578,18 @@ static char *rsa2_fmtkey(void *key)
return p;
}
static void rsa2_public_blob(void *key, BinarySink *bs)
static void rsa2_public_blob(ssh_key *key, BinarySink *bs)
{
struct RSAKey *rsa = (struct RSAKey *) key;
struct RSAKey *rsa = FROMFIELD(key, struct RSAKey, sshk);
put_stringz(bs, "ssh-rsa");
put_mp_ssh2(bs, rsa->exponent);
put_mp_ssh2(bs, rsa->modulus);
}
static void rsa2_private_blob(void *key, BinarySink *bs)
static void rsa2_private_blob(ssh_key *key, BinarySink *bs)
{
struct RSAKey *rsa = (struct RSAKey *) key;
struct RSAKey *rsa = FROMFIELD(key, struct RSAKey, sshk);
put_mp_ssh2(bs, rsa->private_exponent);
put_mp_ssh2(bs, rsa->p);
@ -597,29 +597,30 @@ static void rsa2_private_blob(void *key, BinarySink *bs)
put_mp_ssh2(bs, rsa->iqmp);
}
static void *rsa2_createkey(const struct ssh_signkey *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len)
static ssh_key *rsa2_createkey(const ssh_keyalg *self,
const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len)
{
struct RSAKey *rsa;
const char *pb = (const char *) priv_blob;
rsa = rsa2_newkey(self, pub_blob, pub_len);
rsa = FROMFIELD(rsa2_newkey(self, pub_blob, pub_len),
struct RSAKey, sshk);
rsa->private_exponent = getmp(&pb, &priv_len);
rsa->p = getmp(&pb, &priv_len);
rsa->q = getmp(&pb, &priv_len);
rsa->iqmp = getmp(&pb, &priv_len);
if (!rsa_verify(rsa)) {
rsa2_freekey(rsa);
rsa2_freekey(&rsa->sshk);
return NULL;
}
return rsa;
return &rsa->sshk;
}
static void *rsa2_openssh_createkey(const struct ssh_signkey *self,
const unsigned char **blob, int *len)
static ssh_key *rsa2_openssh_createkey(const ssh_keyalg *self,
const unsigned char **blob, int *len)
{
const char **b = (const char **) blob;
struct RSAKey *rsa;
@ -636,21 +637,21 @@ static void *rsa2_openssh_createkey(const struct ssh_signkey *self,
if (!rsa->modulus || !rsa->exponent || !rsa->private_exponent ||
!rsa->iqmp || !rsa->p || !rsa->q) {
rsa2_freekey(rsa);
rsa2_freekey(&rsa->sshk);
return NULL;
}
if (!rsa_verify(rsa)) {
rsa2_freekey(rsa);
rsa2_freekey(&rsa->sshk);
return NULL;
}
return rsa;
return &rsa->sshk;
}
static void rsa2_openssh_fmtkey(void *key, BinarySink *bs)
static void rsa2_openssh_fmtkey(ssh_key *key, BinarySink *bs)
{
struct RSAKey *rsa = (struct RSAKey *) key;
struct RSAKey *rsa = FROMFIELD(key, struct RSAKey, sshk);
put_mp_ssh2(bs, rsa->modulus);
put_mp_ssh2(bs, rsa->exponent);
@ -660,17 +661,18 @@ static void rsa2_openssh_fmtkey(void *key, BinarySink *bs)
put_mp_ssh2(bs, rsa->q);
}
static int rsa2_pubkey_bits(const struct ssh_signkey *self,
static int rsa2_pubkey_bits(const ssh_keyalg *self,
const void *blob, int len)
{
struct RSAKey *rsa;
int ret;
rsa = rsa2_newkey(self, blob, len);
rsa = FROMFIELD(rsa2_newkey(self, blob, len),
struct RSAKey, sshk);
if (!rsa)
return -1;
ret = bignum_bitcount(rsa->modulus);
rsa2_freekey(rsa);
rsa2_freekey(&rsa->sshk);
return ret;
}
@ -706,10 +708,10 @@ static const unsigned char asn1_weird_stuff[] = {
#define ASN1_LEN ( (int) sizeof(asn1_weird_stuff) )
static int rsa2_verifysig(void *key, const void *vsig, int siglen,
static int rsa2_verifysig(ssh_key *key, const void *vsig, int siglen,
const void *data, int datalen)
{
struct RSAKey *rsa = (struct RSAKey *) key;
struct RSAKey *rsa = FROMFIELD(key, struct RSAKey, sshk);
const char *sig = (const char *)vsig;
Bignum in, out;
const char *p;
@ -757,10 +759,10 @@ static int rsa2_verifysig(void *key, const void *vsig, int siglen,
return ret;
}
static void rsa2_sign(void *key, const void *data, int datalen,
static void rsa2_sign(ssh_key *key, const void *data, int datalen,
BinarySink *bs)
{
struct RSAKey *rsa = (struct RSAKey *) key;
struct RSAKey *rsa = FROMFIELD(key, struct RSAKey, sshk);
unsigned char *bytes;
int nbytes;
unsigned char hash[20];
@ -796,7 +798,7 @@ static void rsa2_sign(void *key, const void *data, int datalen,
freebn(out);
}
const struct ssh_signkey ssh_rsa = {
const ssh_keyalg ssh_rsa = {
rsa2_newkey,
rsa2_freekey,
rsa2_fmtkey,
@ -814,20 +816,19 @@ const struct ssh_signkey ssh_rsa = {
NULL,
};
void *ssh_rsakex_newkey(const void *data, int len)
struct RSAKey *ssh_rsakex_newkey(const void *data, int len)
{
return rsa2_newkey(&ssh_rsa, data, len);
return FROMFIELD(rsa2_newkey(&ssh_rsa, data, len),
struct RSAKey, sshk);
}
void ssh_rsakex_freekey(void *key)
void ssh_rsakex_freekey(struct RSAKey *key)
{
rsa2_freekey(key);
rsa2_freekey(&key->sshk);
}
int ssh_rsakex_klen(void *key)
int ssh_rsakex_klen(struct RSAKey *rsa)
{
struct RSAKey *rsa = (struct RSAKey *) key;
return bignum_bitcount(rsa->modulus);
}
@ -860,11 +861,9 @@ static void oaep_mask(const struct ssh_hash *h, void *seed, int seedlen,
}
void ssh_rsakex_encrypt(const struct ssh_hash *h, unsigned char *in, int inlen,
unsigned char *out, int outlen,
void *key)
unsigned char *out, int outlen, struct RSAKey *rsa)
{
Bignum b1, b2;
struct RSAKey *rsa = (struct RSAKey *) key;
int k, i;
char *p;
const int HLEN = h->hlen;

10
windows/winpgen.c
View File

@ -961,7 +961,7 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
{
int i, bits;
const struct ec_curve *curve;
const struct ssh_signkey *alg;
const ssh_keyalg *alg;
for (i = 0; i < n_ec_nist_curve_lengths; i++) {
bits = ec_nist_curve_lengths[i];
@ -1366,16 +1366,16 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
SendDlgItemMessage(hwnd, IDC_PROGRESS, PBM_SETPOS, PROGRESSRANGE, 0);
if (state->ssh2) {
if (state->keytype == DSA) {
state->ssh2key.data = &state->dsskey;
state->ssh2key.data = &state->dsskey.sshk;
state->ssh2key.alg = &ssh_dss;
} else if (state->keytype == ECDSA) {
state->ssh2key.data = &state->eckey;
state->ssh2key.data = &state->eckey.sshk;
state->ssh2key.alg = state->eckey.signalg;
} else if (state->keytype == ED25519) {
state->ssh2key.data = &state->eckey;
state->ssh2key.data = &state->eckey.sshk;
state->ssh2key.alg = &ssh_ecdsa_ed25519;
} else {
state->ssh2key.data = &state->key;
state->ssh2key.data = &state->key.sshk;
state->ssh2key.alg = &ssh_rsa;
}
state->commentptr = &state->ssh2key.comment;